Skip to content

[q] Fix network configuration in research workflow #2999

New issue
New issue
Closed
Closed
[q] Fix network configuration in research workflow#2999
Assignees
pelikhancopilot-swe-agent
Labels
automationworkflow-optimization
@github-actions

Description

@github-actions
github-actions
bot
opened on Nov 2, 2025

Q Workflow Optimization Report

Issues Found (from live data)

Investigation Summary

  • Downloaded logs: 5 workflow runs (last 7 days) using gh-aw logs MCP tool
  • Run summary data: /tmp/gh-aw/aw-mcp/logs/run-19006670829/run_summary.json
  • Workflows analyzed: 100 total workflows in repository
  • Tools used: gh-aw MCP server (status, logs, compile commands)

research.md

  • Log Analysis: Workflow status check showed "Compiled: No"
  • Compilation Attempt: Manual compilation revealed warning
  • Issue Identified: Invalid network configuration syntax
    • Current: network.firewall: true (unsupported syntax)
    • Warning: "Selected engine 'claude' does not support network firewalling; workflow specifies network restrictions"

copilot-session-insights.md

  • Log Analysis: Workflow status check showed "Compiled: No"
  • Compilation Performed: Successfully compiled (220.6 KB)
  • Issue: Workflow was not compiled before this analysis
  • Note: No code changes needed, only compilation was required

Changes Made

.github/workflows/research.md

  • Fixed invalid network configuration (line 17-18)
    • Changed network.firewall: true to network: defaults
    • This aligns with the supported network configuration syntax
    • The defaults setting provides basic infrastructure access (certificates, JSON schema, Ubuntu mirrors)

Expected Improvements

  • ✅ Fixed 1 workflow with invalid network syntax
  • ✅ Compiled 2 previously uncompiled workflows (copilot-session-insights, research)
  • ✅ Eliminated compilation warning for research.md
  • ✅ Workflow now compiles cleanly: ✓ .github/workflows/research.md (198.4 KB) with 0 error(s), 0 warning(s)

Validation

All modified workflows compiled successfully using the compile tool from gh-aw MCP server:

  • ✅ research.md - Compiled cleanly (198.4 KB, 0 errors, 0 warnings)
  • ✅ copilot-session-insights.md - Compiled successfully (220.6 KB)

Note: .lock.yml files will be generated automatically after merge via the compilation workflow.

Additional Findings

Based on analysis of 100 workflows in the repository:

Shared Import Usage:

  • shared/reporting.md: 24 workflows (most popular)
  • shared/jqschema.md: 10 workflows
  • shared/mcp/gh-aw.md: 6 workflows

Cost Control Opportunities:

  • Only 2/100 workflows use max-turns configuration
  • 0/100 workflows use stop-after deadline enforcement
  • 57/100 workflows (57%) have timeout_minutes configured
  • Recommendation: Consider adding max-turns to high-iteration workflows

High Token Usage Detected:

  • Run: 19006670829 (Lockfile Statistics Analysis Agent)
  • Tokens: 835,143 ($0.25 cost)
  • Turns: 27 iterations
  • Errors: 20 during execution
  • Opportunity: Could benefit from turn reduction strategies

References

  • Log analysis: /tmp/gh-aw/aw-mcp/logs/
  • Workflow status: gh-aw status command output
  • Compilation validation: gh-aw compile command
  • Repository grep analysis: Pattern matching across workflow files
  • Detailed findings: /tmp/gh-aw/cache-memory/q-optimization-findings.md

AI generated by Q

Note

This was originally intended as a pull request, but the git push operation failed.

Workflow Run: View run details and download patch artifact

The patch file is available as an artifact (aw.patch) in the workflow run linked above.
To apply the patch locally:

# Download the artifact from the workflow run https://github.com/githubnext/gh-aw/actions/runs/19013901875
# (Use GitHub MCP tools if gh CLI is not available)
gh run download 19013901875 -n aw.patch
# Apply the patch
git am aw.patch
Show patch (35 lines) 
From fc561241c167a060146803f5ac4e802eb0cdfe90 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Sun, 2 Nov 2025 14:57:41 +0000
Subject: [PATCH] fix(workflows): correct network configuration in research
 workflow

Replace invalid 'network.firewall: true' with 'network: defaults'

- Fixes compilation warning about unsupported network firewalling
- Aligns with proper network configuration syntax
- Workflow now compiles cleanly without warnings

Related to: Q workflow optimization analysis
---
 .github/workflows/research.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/research.md b/.github/workflows/research.md
index a8cf050..ab205b5 100644
--- a/.github/workflows/research.md
+++ b/.github/workflows/research.md
@@ -14,8 +14,7 @@ permissions:
 
 engine: copilot
 
-network:
-  firewall: true
+network: defaults
 
 imports:
   - shared/mcp/tavily.md
-- 
2.51.2

Metadata

Metadata

Assignees

Labels

automationworkflow-optimization

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions